CVE-2024-0157

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published: Apr 12, 2024
Updated: Apr 15, 2024
CWE ID 400

Summary

CVE-2024-0157 is a session fixation vulnerability affecting Dell Storage Resource Manager (SRM) versions 4.9.0.0 and older. The affected component is the SRM Windows Host Agent, which puts Dell SRM installations at risk. An unauthenticated attacker present on the adjacent network can exploit this issue to hijack a targeted user's application session. The impact is significant: an attacker who gains control of a user's session can potentially obtain unauthorized access and manipulate data. Organizations using Dell SRM should apply the necessary patches and updates to mitigate this threat.
